ForgeOps

Staged CDK and CDM installation

By default, the forgeops install command installs the entire ForgeRock Identity Platform.

You can also install the platform in stages to help troubleshoot deployment issues.

To install the platform in stages:

  1. Verify that the namespace in which the ForgeRock Identity Platform is to be installed is set in your Kubernetes context.

  2. Identify the size of the cluster you’re deploying the platform on. You’ll specify the cluster size as an argument to the forgeops install command:

    • --cdk for a CDK deployment

    • --small, --medium, or --large, for a CDM deployment

  3. Install the base and ds components first. Other components have dependencies on these two components:

    1. Install the platform base component:

      $ cd /path/to/forgeops/bin
      $ ./forgeops install base --size --fqdn myfqdn.example.com
      Checking secret-agent operator and related CRDs: secret-agent CRD not found. Installing secret-agent.
      namespace/secret-agent-system created
      . . .
      
      Waiting for secret agent operator…​
      customresourcedefinition.apiextensions.k8s.io/secretagentconfigurations.secret-agent.secrets.forgerock.io condition met
      deployment.apps/secret-agent-controller-manager condition met
      pod/secret-agent-controller-manager-694f9dbf65-52cbt condition met
      
      Checking ds-operator and related CRDs: ds-operator CRD not found. Installing ds-operator.
      namespace/fr-system created
      customresourcedefinition.apiextensions.k8s.io/directoryservices.directory.forgerock.io created
      . . .
      
      Waiting for ds-operator…​
      customresourcedefinition.apiextensions.k8s.io/directoryservices.directory.forgerock.io condition met
      deployment.apps/ds-operator-ds-operator condition met
      pod/ds-operator-ds-operator-f974dd8fc-55mxw condition met
      
      Installing component(s): ['base']
      
      configmap/dev-utils created
      configmap/platform-config created
      Warning: networking.k8s.io/v1beta1 Ingress is deprecated in v1.19+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
      ingress.networking.k8s.io/end-user-ui created
      ingress.networking.k8s.io/forgerock created
      ingress.networking.k8s.io/ig-web created
      ingress.networking.k8s.io/login-ui created
      ingress.networking.k8s.io/platform-ui created
      secretagentconfiguration.secret-agent.secrets.forgerock.io/forgerock-sac created
      
      Waiting for K8s secrets
      Waiting for secret: am-env-secrets …​done
      Waiting for secret: idm-env-secrets …​…​done
      Waiting for secret: rcs-agent-env-secrets …​done
      Waiting for secret: ds-passwords .done
      Waiting for secret: ds-env-secrets .done
      
      Relevant passwords:
      . . .
      
      Relevant URLs:
      https://myfqdn.example.com/platform
      https://myfqdn.example.com/admin
      https://myfqdn.example.com/am
      https://myfqdn.example.com/enduser
      
      Enjoy your deployment!
    2. After you’ve installed the base component, install the ds component:

      $ ./forgeops install ds --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['ds']
      
      directoryservice.directory.forgerock.io/ds-idrepo created
      
      Enjoy your deployment!
  4. Install the other ForgeRock Identity Platform components. You can either install all the other components by using the forgeops install apps command, or install them separately:

    1. Install AM:

      $ ./forgeops install am --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['am']
      
      service/am created
      deployment.apps/am created
      
      Enjoy your deployment!
    2. Install Amster:

      $ ./forgeops install amster --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['amster']
      
      job.batch/amster created
      
      Enjoy your deployment!
    3. Install IDM:

      $ ./forgeops install idm --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['idm']
      
      configmap/idm created
      configmap/idm-logging-properties created
      service/idm created
      deployment.apps/idm created
      
      Enjoy your deployment!
  5. Install the user interface components. You can either install all the applications by using the forgeops install ui command, or install them separately:

    1. Install the administration UI:

      $ ./forgeops install admin-ui --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['admin-ui']
      
      service/admin-ui created
      deployment.apps/admin-ui created
      
      Enjoy your deployment!
    2. Install the login UI:

      $ ./forgeops install login-ui --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['login-ui']
      
      service/login-ui created
      deployment.apps/login-ui created
      
      Enjoy your deployment!
    3. Install the end user UI:

      $ ./forgeops install end-user-ui --size
      Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
      Checking ds-operator and related CRDs: ds-operator CRD found in cluster.
      
      Installing component(s): ['end-user-ui']
      
      service/end-user-ui created
      deployment.apps/end-user-ui created
      
      Enjoy your deployment!
  6. In a separate terminal tab or window, run the kubectl get pods command to monitor status of the deployment. Wait until all the pods are ready.

Multiple component installation

You can specify multiple components with a single forgeops install command. For example, to install the base, ds, am, and amster components in the CDK or CDM:

$ ./forgeops install base ds am amster --size
Copyright © 2010-2022 ForgeRock, all rights reserved.